Optimizing NAT IP pool allocation on FortiGate-7000 systems with empty FPM slots
FortiOS allocates IP pool addresses evenly among all of the FPMs in a FortiGate-7000 chassis. However, if the chassis has empty FPM slots, IP pool addresses are allocated to the empty slots as well as the operating slots, resulting in fewer IP addresses being available for the operating FPMs.
With FortiOS 6.2.6, when you use the following command to disable the empty slots, all IP pool addresses are allocated to the operating FPMs; resulting in all of the addresses in the IP pool being available.
For example, if you are operating an FortiGate-7060E with FPMs in slots 3 and 4 only, use the following command to disable slots 5 and 6:
config load-balance setting
config workers
edit 5
set status disable
next
edit 6
set status disable
end
Enabling or disabling FPMs causes the FortiGate-7000 to re-partition all NAT pools among the currently active FPMs. This might disrupt currently running sessions, so Fortinet recommends enabling or disabling FPMs during a maintenance window. |